← Volver a CVEs
CVE-2024-8878
CRITICAL9.8
Descripcion
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado9/25/2024
Ultima modificacion11/4/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
riello-ups:netman_204riello-ups:netman_204_firmware
Debilidades (CWE)
CWE-640CWE-640
Referencias
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-riello-netman-204/index.html(office@cyberdanube.com)
http://seclists.org/fulldisclosure/2024/Sep/50(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.